CVE-2025-8088

Description

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET.

CVSS v3.1 Score

8.8

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA Known Exploited Vulnerability

This vulnerability is actively exploited in the wild.

Added: Aug 12, 2025 Remediation due: Sep 2, 2025

Weakness Type (CWE)

CWE-35 CWE-35

Affected Products

Vendor	Product	Versions
rarlab	winrar	< 7.13
microsoft	windows	All
dtsearch	dtsearch	< 2023.01
microsoft	windows	All

References

Other References

https://www.win-rar.com/singlenewsview.html?&L=0&tx_ttnews%5Btt_news%5D=283&cHash=a64b4a8f662d3639dec8d65f47bc93c5 https://arstechnica.com/security/2025/08/high-severity-winrar-0-day-exploited-for-weeks-by-2-groups/ https://support.dtsearch.com/faq/dts0245.htm https://www.vicarius.io/vsociety/posts/cve-2025-8088-detect-winrar-zero-day https://www.vicarius.io/vsociety/posts/cve-2025-8088-mitigate-winrar-zero-day-using-srp-and-ifeo https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-8088 https://www.welivesecurity.com/en/eset-research/update-winrar-tools-now-romcom-and-others-exploiting-zero-day-vulnerability/#the-discovery-of-cve-2025-8088

Frequently Asked Questions

What is CVE-2025-8088? +

A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to execute arbitrary code by crafting malicious archive files. This vulnerability was exploited in the wild and was discovered by Anton Cherepanov, Peter Košinár, and Peter Strýček from ESET. It has a CVSS v3.1 base score of 8.8 (HIGH). This vulnerability is listed in CISA's Known Exploited Vulnerabilities catalog, indicating active exploitation in the wild.

How severe is CVE-2025-8088? +

CVE-2025-8088 has a CVSS v3.1 score of 8.8 out of 10, rated HIGH. This is a high-severity vulnerability that should be prioritized for patching.

What products are affected by CVE-2025-8088? +

CVE-2025-8088 affects products from dtsearch, microsoft, rarlab, specifically: dtsearch, windows, winrar. Check the affected products table above for specific version ranges.

How do I check if I'm vulnerable to CVE-2025-8088? +

You can use Secably's free Website Scanner to check your website for known vulnerabilities. For infrastructure scanning, use the Port Scanner to identify exposed services that may be affected. Check the vendor advisories linked above for specific patch and version information.

Related Vulnerabilities

CVE-2026-6074

Intrado 911 Emergency Gateway (EGW) 5.x, 6.x, and 7.x contain a path traversal vulnerability in the download_debuglog_file.php endpoint used for …

CVE-2025-0858

A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in certain Poly devices. The firmware flaw does not …

CVE-2025-5598

Path Traversal vulnerability in WF Steuerungstechnik GmbH airleader MASTER allows Retrieve Embedded Sensitive Data.This issue affects airleader MASTER: 3.0046.

CVE-2025-53417

DIAView (v4.2.0 and prior) - Directory Traversal Information Disclosure Vulnerability

CVE-2024-49770

`oak` is a middleware framework for Deno's native HTTP server, Deno Deploy, Node.js 16.5 and later, Cloudflare Workers and Bun. …

CVE-2024-11136

The default TCL Camera application exposes a provider vulnerable to path traversal vulnerability. Malicious application can supply malicious URI path …